You are here: Home > CLI Commands > Just_CLI_Topics > ssh

ssh

ssh

disable-ciphers {aes-cbc | aes-ctr}

disable-mac hmac-sha1-96

disable_dsa

mgmt-auth {public-key [username/password]|username/password [public-key]}

<username> <ip_addr>

Description

This command configures SSHSecure Shell. SSH is a network protocol that provides secure access to a remote device. access to a Mobility Master.

Syntax

Parameter

Description

Default

disable-ciphers

Disables cipher authentication for SSHSecure Shell. SSH is a network protocol that provides secure access to a remote device. . Specify the cipher to be disabled.

aes-cbc

Disables AESAdvanced Encryption Standard. AES is an encryption standard used for encrypting and protecting electronic data. The AES encrypts and decrypts data in blocks of 128 bits (16 bytes), and can use keys of 128 bits, 192 bits, and 256 bits.-CBC authentication for SSHSecure Shell. SSH is a network protocol that provides secure access to a remote device. . This parameter enables the aes-ctr encryption.

aes-ctr

Disables AESAdvanced Encryption Standard. AES is an encryption standard used for encrypting and protecting electronic data. The AES encrypts and decrypts data in blocks of 128 bits (16 bytes), and can use keys of 128 bits, 192 bits, and 256 bits.-CTR authentication for SSHSecure Shell. SSH is a network protocol that provides secure access to a remote device. . This parameter enables the aes-cbc encryption.

disable-mac Disables Message Authentication Code algorithm for SSHSecure Shell. SSH is a network protocol that provides secure access to a remote device. authentication. hmac-sha1-96

hmac-sha1-96

Disables HMAC-SHA1-96 authentication for SSHSecure Shell. SSH is a network protocol that provides secure access to a remote device. .

 

disable_dsa

Disables DSA authentication for SSHSecure Shell. SSH is a network protocol that provides secure access to a remote device. . Only RSARivest, Shamir, Adleman. RSA is a cryptosystem for public-key encryption, and is widely used for securing sensitive data, particularly when being sent over an insecure network such as the Internet. authentication is used.

mgmt-auth

Configures the authentication method for the management user. You can specify a username and password only, public keyThe part of a public-private key pair that is made public. The public key encrypts a message and the message is decrypted with the private key of the recipient. only, or both username and password and public keyThe part of a public-private key pair that is made public. The public key encrypts a message and the message is decrypted with the private key of the recipient..

username and
password

<username>

Username for SSHSecure Shell. SSH is a network protocol that provides secure access to a remote device.  login.

<ip_addr>

IPv4 or IPv6 address of the remote machine.

Usage Guidelines

Public key authentication is supported using a X.509X.509 is a standard for a public key infrastructure for managing digital certificates and public-key encryption. It is an essential part of the Transport Layer Security protocol used to secure web and email communication. certificate issued to the management client. If you specify public-key authentication, you need to load the client X.509X.509 is a standard for a public key infrastructure for managing digital certificates and public-key encryption. It is an essential part of the Transport Layer Security protocol used to secure web and email communication. certificate into Mobility Master and configure certificate authentication for the management user with the mgmt-user ssh-pubkey command.

Example

The following command configures SSHSecure Shell. SSH is a network protocol that provides secure access to a remote device. access using public keyThe part of a public-private key pair that is made public. The public key encrypts a message and the message is decrypted with the private key of the recipient. authentication only:

(host) [mynode] (config) #ssh mgmt-auth public-key

mgmt-user ssh-pubkey client-cert ssh-pubkey cli-admin root

The following command enables AES-CBC and disables AES-CTR on the SSHSecure Shell. SSH is a network protocol that provides secure access to a remote device. server:

(host) [md] (config) #ssh disable-ciphers aes-ctr

The following command enables both the cipher encryptions on the SSHSecure Shell. SSH is a network protocol that provides secure access to a remote device. server:

(host) [md] (config) #no ssh disable-ciphers

The following command disables HMAC-SHA1-96 on the SSHSecure Shell. SSH is a network protocol that provides secure access to a remote device. server:

(host) [md] (config) #ssh disable-mac hmac-sha1-96

Related Commands

Command

Description

show ssh

Displays the SSHSecure Shell. SSH is a network protocol that provides secure access to a remote device.  configuration details.

Command History

Release

Modification

ArubaOS 8.3.0.0

The following parameters are introduced to configure cipher and MACMedia Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. authentication:

disable-ciphers

disable-mac

ArubaOS 8.0.0.0

Command introduced.

Command Information

Platforms

Licensing

Command Mode

All platforms

Base operating system.

Config mode on Mobility Master.

/*]]>*/